CompSci Server

From Compsci.ca Wiki

(Difference between revisions)
Jump to: navigation, search
(Ideas and Suggestions)
(Ideas and Suggestions)
Line 148: Line 148:
       -- rizzix
       -- rizzix
    
    
-
   * Jail/Chroot each daemon, individually. Thus if one is compromised, the entire system may not be compromised.
+
   * Jail/Chroot each daemon, individually. Thus if one is compromised, the entire system may not
 +
    be compromised.
       -- rizzix
       -- rizzix

Revision as of 23:09, 15 July 2007

Contents

About

What it dose

The CompSci.ca server is the computer that hosts the all of the websites and services in our network. It includes the main forums, the blog, wiki, bug tracker, mail system, hosting for users, and almost anything related to CompSci.ca. It also hosts related projects like dwite.ca and user projects as well as CVS repositories and a jabber server. We also plan to add things like an IRC server to it resources pending.

Where it is

The CompSci.ca server is a dedicated server in a data center run by corenetworks.net. It is located in East Lansing, Michigan and meets Tier-1 providers on redundant fiber optic lines, though it is behind a 10Mbps switch (this maybe upgraded to 100Mbps if we get the money). Our ip space witch is rented from corenetworks is 64.85.160.30 - 64.85.160.31.

This is the closet location we could get to where the majority of our users are for a fair price. Unfortunately Canadian data rates are higher then in the US and sadly this also means we fall partly fall under the DMCA.

IP Info

  • 64.85.160.30 - All things other then the core CompSci.ca domain and service. Like dwite
  • 64.85.160.31 - The core CompSci.ca parts, the main site, sub domains and sub dirs.


Server Stats

lspci Output

00:00.0 Host bridge: Silicon Integrated Systems [SiS] 661FX/M661FX/M661MX Host (rev 11)

00:01.0 PCI bridge: Silicon Integrated Systems [SiS] SiS AGP Port (virtual PCI-to-PCI bridge)

00:02.0 ISA bridge: Silicon Integrated Systems [SiS] SiS964 [MuTIOL Media IO] (rev 36)

00:02.5 IDE interface: Silicon Integrated Systems [SiS] 5513 [IDE] (rev 01)

00:03.0 USB Controller: Silicon Integrated Systems [SiS] USB 1.0 Controller (rev 0f)

00:03.1 USB Controller: Silicon Integrated Systems [SiS] USB 1.0 Controller (rev 0f)

00:03.2 USB Controller: Silicon Integrated Systems [SiS] USB 1.0 Controller (rev 0f)

00:03.3 USB Controller: Silicon Integrated Systems [SiS] USB 2.0 Controller

00:04.0 Ethernet controller: Silicon Integrated Systems [SiS] SiS900 PCI Fast Ethernet (rev 90)

00:05.0 IDE interface: Silicon Integrated Systems [SiS] SATA (rev 01)

01:00.0 VGA compatible controller: Silicon Integrated Systems [SiS] 661/741/760/761 PCI/AGP VGA Display Adapter

Services Running

Current Status

The server has been installed in the rack in the corenetworks data center and we are now working on setting it up for use by CompSci.ca.

To Do

Main To Do

The following list of things have to be done before the server can go live:

  • Move CompSci.ca files over
  • Move user files over
  • Try to move mail over
  • Make a good webmail page with different webmail programs to use.
  • Add other webmail programs
  • Set up the DNS info for all the domains
  • Add virtual servers for each domain and sub domain
  • Install Ruby on Rails
  • Set up dwite
  • Move over e-mail accounts (mailboxes) and set them up in postfix
  • Move over e-mail forwards and aliases and set them up in postfix
  • Forward the raw ips to somewhere
  • Set up unix user accounts
  • Set up unix user groups
  • Set up ftp accounts
  • Install a php optimizer
  • Test everything a lot
  • Set up CVS right
  • Set up jabber server
  • Set up usermin
  • Force tony to remember his passwords
  • Test backup system and set up more off site backup sites
  • Set up protected dirs
  • Get postfix and everything to work with non xbit.ca domains.
  • Others

Want To Do

The fallowing are things I want on the server but are not 100% needed for the server to go live:

  • Shorewall
  • Quota System
  • Recompile kernel
  • Add spam filtering of some kind
  • Add viruses checks on mail and uploaded files
  • Find a way to get MON messages to go to my cell phone
  • Get Security Sentries working
  • Set up BIND and get it working as our DNS server
  • Add Majordomo List Manager
  • Set up https for compsci.ca as an option for all users
  • Set up a webproxy for use by things like dwite juge
  • Add better/good logging software and log analyzing software
  • Get Bandwidth Monitoring working
  • Others

How to help out

I may need some help with this server config stuff from time to time. Some of the things i need help with right now are:

  • Recompiling the kernel for shorewall and quota without getting the server in a non rebooting state
  • Setting up a spam filter for postfix that does not kill the whole mail system.
  • Setting up BIND and how to get your own DNS server working

Contact me on msn or irc for more info. We can only give trusted users access to the server though.


Special Thanks and Credits

The fallowing users where of a lot of help well setting up the server and need more then just a thanks on this page (list is in no order):

  • rizzix : For helping to set up postfix and the mail system.
  • md : For saving the server when i broke it. Also for recompling the kernel.


Thanks goes out to the other users for moral support and some small tips along the way:

Ideas and Suggestions

If you have an idea for something to put on the server or use it for leave it down here with your name.

 * Use vsftpd instead of proftpd. I heard it is faster and more secure. 
     -- rizzix
 
 * Jail/Chroot each daemon, individually. Thus if one is compromised, the entire system may not
   be compromised.
     -- rizzix
Personal tools